The Bumpy Road to Private Clouds

When we first heard about cloud computing, public clouds got most of the attention. But as IT managers looked at the security risks of having data outside the corporate firewall, they turned their attention to private clouds, which analysts and various surveys suggest will get more enterprise investment in the next few years.

But private clouds have their share of challenges too. There are management issues and operational processes to figure out. And, of course, an on-premises private cloud needs to be built internally by IT, which takes time, money and a climb up the learning curve. Indeed, the transition from a traditional data center -- even one with some servers virtualized -- to a private cloud architecture is no easy task, especially given that the entire data center won't be cloud-enabled, at least not right away.

(While we generally think of a private cloud as being inside a company's firewall, a private cloud can also be off-premises -- hosted by a third party -- and still remain under the control of the company's IT organization. But this article is only about on-premises private clouds.)

Also, despite the hype you might hear, no single vendor today provides all of the software required to build and manage a real private cloud -- that is, one with server virtualization, storage virtualization, network virtualization, and resource automation and orchestration. Look for vendors to increasingly create their own definitions of private cloud to fit their product sets.

Many IT managers equate a private cloud with virtualization. What they describe is usually virtual infrastructure, meaning that "you can treat your servers, storage and networks as a single pool of resources that workloads can request on demand," explains Tony Iams, an analyst at Ideas International Ltd., an IT research firm.

But virtualization and the cloud aren't the same thing; to be considered a cloud, the architecture must be set up to provide resource orchestration and automation on top of the virtualization layer.

Orchestration is the coordinated delivery of many types of resources, such as processors, storage and networks, to provide an integrated provisioning process. It means that resources can be delivered in minutes rather than days or weeks. A single command or request causes a number of actions to occur, possibly in a specific sequence, to coordinate the provisioning request.

The whole point of a private cloud is to allow IT managers to reduce costs and provide so-called agile provisioning rather than just making management of the infrastructure more convenient. A private cloud with virtualization underpinnings turns the technology infrastructure into a pool of resources that can be provisioned on demand with minimal manual labor.

In Perspective

Are You Ready? Probably Not

Forrester Research estimates that only 5% of corporate IT shops are really ready to offer private cloud service. A recent Forrester report by analyst James Staten says that your IT operation is "cloud-ready" if:

* You have standardized procedures for the deployment, configuration and management of virtual machines.

* You have turned over the deployment and management of virtual machines to automated tools.

* You provide self-service access for end users.

* Your business units are ready to share the same infrastructure.

Before moving toward private clouds, IT shops must become even more efficient at server virtualization. Most IT departments lack consistent procedures for tracking the deployment, usage and ownership of virtual machines; that leads to "virtual machine sprawl," which will cancel out the economic savings of a private cloud, Forrester says.

IT shops also need to learn to manage the entire pool of virtualized servers rather than single virtual machines or workloads, the report adds.

Once your virtualization house is in order, Forrester suggests the following steps to get started with a private cloud:

* Begin with noncritical workloads to show that it works.

* If a business unit is willing to invest in cloud computing, set up a brand-new cloud environment just for them.

* Get executive support -- actually, a mandate -- so that business units will share the pool of virtual resources.

* Show the benefits, such as dramatically faster deployment and lower costs.

* Embrace public clouds that can supplement your internal cloud.

In a traditional data center setup, "every time you add a server, somebody has to walk to a firewall console, set up firewall rules, attach the server to a VLAN, set up load balancing" and do many other tasks, explains Jeff Deacon, cloud computing principal at Verizon Business, a unit of Verizon Communications Inc. that provides managed services. But a private cloud needs little human intervention other than bringing in new computers or storage to keep up with demand. In a cloud environment, there is one console that lets operators set parameters to automate the entire process, rather than requiring IT personnel to log into different consoles for security, networking and server operating system functions.

Another big difference between private clouds and traditional data centers involves IT processes, which probably need to be revamped for a private cloud. Today, for example, to provide computing resources, IT organizations typically have to get budget approvals, discuss the implications with storage, network and server groups, and fill out tons of paperwork. This type of process is in stark contrast to the streamlined, short-duration provisioning done in clouds. The time-to-provision may go from weeks in the traditional data center to minutes in a cloud.

The systems running older applications may need an overhaul too, if they're based on mainframes and proprietary Unix platforms. Most virtualized environments, including private clouds, are geared to run on x86-based systems. Also, in a virtualized environment, you generally don't know exactly where an application is running at any given time. Because most legacy applications are tied to a specific platform, running them in a private cloud will often require re-architecting them.

Divorcing applications from the hardware is a hallmark of clouds, including private clouds. In a traditional data center, you might have 10 servers running billing applications, and five other servers running customer data apps. But with a private cloud, it's not known ahead of time which servers will run which specific applications. The applications run on whichever servers have free cycles at the time the apps need to run.

Private clouds involve two groups of people: the IT operations staff and the business users who want to run applications. A private cloud gives business users the opportunity to quickly provision a server and run an application when they want to, without human intervention.

The IT operations staffers have to make sure that sufficient resources are available for the type of on-demand computing that business users have heard is available with public clouds, and that usually means that the wait for user-requested resources is minutes, not days. Anything short of this, and end users won't be happy.

By the Numbers

Private Clouds: Pros and Cons

What kind of cloud computing are you planning or implementing?

* No clouds under consideration at this time: 53%

* Private cloud only: 18%

* A combination of public and private clouds: 17%

* Public cloud only: 12%

Base: 155 IT managers

What do you see as the advantages of private clouds over public clouds?

This is what private clouds are all about: providing the on-demand elasticity of public clouds, but doing it within the company's firewall.

By the way, business users may expect private clouds to act like public clouds. In a public cloud, the public cloud provider's IT operations group is responsible for the computer infrastructure, and the customer's business application groups manage and monitor their own applications on the public cloud. If the private cloud is expected to operate in a similar manner, then the IT group may need to give up its traditional application-management role.

Getting Started

The first step down the path to a private cloud is to go beyond server virtualization. Iams outlines these subsequent steps:

* Virtualize your storage and try to achieve the same flexibility with storage that you already have with virtualized servers.

You know that your infrastructure has been fully virtualized when you have server virtualization, storage virtualization and network virtualization. The crossover point from a virtual infrastructure to private cloud comes when you have the management tools that treat all three types of resources -- servers, storage and networks -- as a single pool that can be allocated on demand.

Of course, all this is from a technology point of view. Iams says that there is a parallel set of steps from the organizational perspective, including people, processes, governance, policy and funding. One key question: What does a private cloud structure do to budgets and financial flow within an organization?

Public clouds require users to pay only for what they use. Because a private cloud doesn't provide users with a fixed amount of capacity like they may have had with a traditional data center, chargeback is almost certain to be an integral part of private cloud environments. Chargeback is a way of rationing computing resources, which is especially important when obtaining resources is as easy as filling out a Web form.

Paul Cameron, head of enterprise services at Suncorp Group, a major financial services provider in Brisbane, Australia, says that when his company began planning its private cloud, it created a service-based operating model and a service catalog. The service catalog contains the list of services being automated for internal use and is available to business users via a self-service portal.

A key to building that catalog was storing information about Suncorp's assets and business application relationships in a configuration management database (CMDB). All of Suncorp's major IT processes -- incident, problem, asset and change -- use the CMDB.

Populating a service catalog can be time-consuming. But if you're using IT service management and change management tools such as BMC Software Inc.'s Remedy product line or Service-now.com and have a CMDB in place, it can be easier. You can work through the appropriate services in the CMDB to provide the automated services listed in a service catalog. This is what Suncorp is doing with its BMC Remedy-based CMDB.

Cameron says that Suncorp deployed a private cloud to provide better and faster IT provisioning to business users. Suncorp users can go to a self-service portal and request resources and services. Once the requests are made, the fulfillment of these services is automated. Cameron says that about 80% of Suncorp's data center services are now covered by automated self-service portals.

While private clouds are pitched as ideal for companies concerned about security and regulatory compliance, Cameron cautions that private clouds force implementers to rethink how they do security. For example, traditional firewalls won't always provide satisfactory security in cloud environments where workloads can be moved around to less-secure portions of the network. So Suncorp is now virtualizing its firewalls.

Keeping Up With Demand

Jeffrey Driscoll, a systems engineer at consultancy Precision IT Group LLC, says the basic building blocks of a private cloud are servers, storage (such as a SAN) and virtualization software. "Then you start building a cluster," he says, and after that cluster is complete, "capacity planning becomes critical."